WWII Secret Agents For Science

November 14, 2025 by No comments

We always enjoy [History Guy]’s musing on all things history, but we especially like it when his historical stories intersect with technology. A good example was his recent video about a small secret group during the Second World War that deployed to the European Theater of Operations, carrying out secret missions. How is that technology related? The group was largely made of scientists. In particular, the team of nineteen consisted of a geographer and an engineer. Many of the others were either fluent in some language or had been through “spy” training at the secret Military Intelligence Training Center at Camp Ritchie, Maryland. Their mission: survey Europe.

Continue reading “WWII Secret Agents For Science”

This Week In Security: Landfall, Imunify AV, And Sudo Rust

November 14, 2025 by No comments

Let’s talk about LANDFALL. That was an Android spyware campaign specifically targeted at Samsung devices. The discovery story is interesting, and possibly an important clue to understanding this particular bit of commercial malware. Earlier this year Apple’s iOS was patched for a flaw in the handling of DNG (Digital NeGative) images, and WhatsApp issued an advisory with a second iOS vulnerability, that together may have been used in attacks in the wild.

Researchers at Unit 42 went looking for real-world examples of this iOS threat campaign, and instead found DNG images that exploited a similar-yet-distinct vulnerability in a Samsung image handling library. These images had a zip file appended to the end of these malicious DNG files. The attack seems to be launched via WhatsApp messaging, just like the iOS attack. That .zip contains a pair of .so shared object files, that are loaded to manipulate the system’s SELinux protections and install the long term spyware payload.

The earliest known sample of this spyware dates to July of 2024, and Samsung patched the DNG handling vulnerability in April 2025. Apple patched the similar DNG problem in August of 2025. The timing and similarities do suggest that these two spyware campaigns may have been related. Unit 42 has a brief accounting of the known threat actors that could have been behind LANDFALL, and concludes that there just isn’t enough solid evidence to make a determination.

Not as Bad as it Looks

Watchtowr is back with a couple more of their unique vulnerability write-ups. The first is a real tease, as they found a way to leak a healthy chunk of memory from Citrix NetScaler machines. The catch is that the memory leak is a part of an error message, complaining that user authentication is disabled. This configuration is already not appropriate for deployment, and the memory leak wasn’t assigned a CVE.

There was a second issue in the NetScaler system, an open redirect in the login system. This is where an attacker can craft a malicious link that points to a trusted NetScaler machine, and if a user follows the link, the NetScaler will redirect the user to a location specified in the malicious link. It’s not a high severity vulnerability, but still got a CVE and a fix. Continue reading “This Week In Security: Landfall, Imunify AV, And Sudo Rust”

Android Developer Verification Starts As Google Partially Retreats On Measures

November 14, 2025 by 14 Comments

In a recent blog post Google announced that the early access phase of its Android Developer Verification program has commenced, as previously announced. In addition to this new announcement Google also claims to be taking note of the feedback it has been receiving, in particular pertaining to non-commercial developers for whom these new measures are incredibly inconvenient. Yet most notable is the ’empowering experienced users’ section, where Google admits that to developers and ‘power users’ the intensive handholding isn’t required and it’ll develop an ‘advanced flow’ where unverified apps can still be installed without jumping through (adb) hoops. Continue reading “Android Developer Verification Starts As Google Partially Retreats On Measures”

FPGA Brings Antique Processor To Life

November 14, 2025 by 7 Comments

For the retro gaming enthusiast, nothing beats original hardware. The feel of the controllers and the exact timing of the original, non-emulated software provide a certain experience that’s difficult or impossible to replicate otherwise. To that end, [bit-hack] wanted to play the original EGA, 16-color version of The Secret of Monkey Island in a way that faithfully recreated the original and came up with this FPGA-based PC with a real NEC V20 powering it all.

The early 90s-style build is based on a low-power version of the V20 called the V20HL which makes it much easier to interface with a modern 3.3 V FPGA compared to the original 5 V chip. It’s still an IBM XT compatible PC though, with the FPGA tying together the retro processor to a 1 MB RAM module, a micro SD slot that acts as a hard disk drive, a digital-to-analog audio converter, and of course the PS/2 keyboard and mouse and VGA port. The mouse was one of the bigger challenges for [bit-hack] as original XT PCs of this era would have used a serial port instead.

With a custom PCB housed in a acrylic case, [bit-hack] has a modern looking recreation of an XT PC running an original processor and capable of using all of the period-correct peripherals that would have been used to play Monkey Island when it was first released.

FPGAs enable a ton of retrocomputing projects across a wide swath of platforms, and if you’re looking to get started the MiSTer FPGA project is a great resource.

Continue reading “FPGA Brings Antique Processor To Life”

An Improbable, Doomed Star System In A Clockwork Coffee Table

November 13, 2025 by 3 Comments

The major objects in our solar system orbit along the plane of the ecliptic, plus or minus few degrees, and it turns out most exoplanet systems are the same — pretty flat, with maybe one highly-inclined outlier. But at [The 5439 Workshop], they don’t care about these details: [5439] has come up with a mechanism to drive inclined orbits in an orrery, and he’s going to use it. The star is exploding, too, because why wouldn’t it be?

While the cinematography of this build video might not be to everyone’s taste, it’s worth watching to see the details of the project. The sliding mechanism to “explode” the star by sliding plates across each other is quite well-done, although perhaps not much not designed for assembly (we’re quite impressed he got it together). It isn’t quite the iris we had expected, as there’s a double-ratchet inside to drive the slow collapse/fast expansion dynamic [5439] is going for. It looks more like the breathing mode of a cepheid variable star than an explosion to us, but it’s still a fascinating piece of laser-sintered aluminum.

The driving mechanism for the inclined orbits is fairly simple, but also worth examining, as we’re not aware of anyone having used it before. The gear rings holding the planets are tilted, and are driven by straight vertical shafts via gears that pivot on knuckle joints. It’s not a revolutionary design, but it’s a big part of what makes this build unique. Since the solar system is very flat, clockwork orreries tend not to bother showing orbital inclination at all. Given the way planets are believed to form from a protoplanetary disk, a system with this many planets in such differing orbital planes seems unlikely to occur naturally, but it certainly adds visual interest.

We like model solar systems around here, be they made from brass and steel, molded plastic LEGO bits, or 3D printed and CNC routed aluminum like this one. That you can sit a coffee mug on it is just bonus. Continue reading “An Improbable, Doomed Star System In A Clockwork Coffee Table”

Tiny386 On An Espressif ESP32-S3

November 13, 2025 by 8 Comments

Some people may remember the joys of trying to boot Linux on an 8-bit AVR microcontroller, which was an absolute exercise in patience. In comparison [He Chunhui]’s Tiny386 emulator running on an ESP32-S3 MCU is positively zippy when it boots and runs Windows 95. The provided video (also embedded below) makes clear that while you can comfortably waddle off to prepare and pour a fresh cup of tea, it’s actually borderline usable.

The source code can be obtained via GitHub, which contains not just the basic emulated 80386 CPU written in C99, but also peripherals borrowed from TinyEMU and QEMU, along with a SeaBIOS ROM. In addition to the Windows 95 demo it’s claimed that Tiny386 should be able to run most 16/32-bit software.

Right now the ESP32-S3 version targets the JC3248W535 board, which is a roughly $30 development board featuring a built-in display with touch screen and an ESP32-S3 module. Although it has a USB-C port, it appears that this one is just for programming and not for the USB peripheral of the ESP32-S3. With the USB OTG peripheral used, one could conceivably make a small 386 system based around an ESP32-S3 that features a USB hub to plug a keyboard, mouse, etc. into.

Considering that the Tiny386 emulator is a very simple and straightforward approach to emulating an early-90s PC, some optimization might enable a pretty zippy general purpose PC for early 90s software. Quite a boost from watching Linux struggle into a command line on an AVR, indeed.

Continue reading “Tiny386 On An Espressif ESP32-S3”

What Do You Call An Ekranoplan With An Outboard Motor?

November 13, 2025 by 4 Comments

If there’s one thing [rctestflight] likes, it’s… probably radio controlled test flights. If there are two things [rctestflights] likes, the second one is probably ground-effect vehicles, AKA Ekranoplans. Tired of having them flip over and crash, he’s trying an an innovative solution: stick a planing hull on it.

Ekranoplans have a stability problem because the center-of-pressure isn’t static: as the wing gets closer to the ground, the high pressure cushion of air that creates the ground effect tends to put more lift rearwards. The net effect of that is to torque the vehicle nose-down, which is kind of a self-limiting problem at a fraction of a wingspan’s altitude. The opposite problem is more concerning: the higher the ekranoplan gets, the more it wants to nose up, and there’s nothing to stop it. That leads to the vehicle flipping over. Continue reading “What Do You Call An Ekranoplan With An Outboard Motor?”